Online security has come a long way in recent years, but so have phishing attacks. As the Epsilon e-mail breach proves, fraudsters are honing their attacks through the acquisition detailed e-mail profiles and sensitive information connections, says ID security expert Tim Rohrbaugh.
"The phishing only works if the consumer participates; they have to click on something; they have to open something," says Neal O'Farrell of the Identity Theft Council. "So, based on that assumption, shouldn't we be doing more to educate them?"
Key questions: What impact - if any - will the recent RSA and Epsilon data breaches have on the FFIEC's pending authentication update? And when will this long-awaited banking guidance finally be released?
A preliminary draft of new online authentication guidance from the Federal Financial Institutions Examination Council puts greater responsibility on the shoulders of financial institutions to enhance security.
NACHA's CEO says ACH-related fraud is often over-hyped, and occurs far less often than check- and payment card-related fraud. But when corporate accounts are breached, fraudulent ACH transactions lead to big financial losses.